Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130333a3a2f33322d3332203d3e20323135343632.roa
File: 326131333a646130333a3a2f33322d3332203d3e20323135343632.roa (raw, json)
Hash identifier: SBs8h2+t6QDU1J2FG/blrmN+qmqR4M4fBNi1SbYEnNU=
Subject key identifier: 88:6D:50:87:E4:33:58:F9:D4:B2:31:04:B0:AE:47:6F:27:70:F5:D0
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 1AE36F2EE7623086D5D185EA511D51F61C1E89FA
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130333a3a2f33322d3332203d3e20323135343632.roa
Signing time: Mon 09 Feb 2026 18:55:38 +0000
ROA not before: Mon 09 Feb 2026 18:50:38 +0000
ROA not after: Mon 08 Feb 2027 18:55:38 +0000
asID: 215462
IP address blocks: 2a13:da03::/32 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:e3:6f:2e:e7:62:30:86:d5:d1:85:ea:51:1d:51:f6:1c:1e:89:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Feb 9 18:50:38 2026 GMT
Not After : Feb 8 18:55:38 2027 GMT
Subject: CN=886D5087E43358F9D4B23104B0AE476F2770F5D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:70:5b:e9:24:a0:1e:51:ee:fc:5c:98:f0:0a:
90:56:68:f9:dd:31:c9:e5:b6:d3:0f:d1:78:57:55:
28:0e:97:a2:8a:ef:85:8a:a1:29:eb:24:07:1f:bb:
58:09:b9:a9:68:df:86:53:61:be:f0:53:26:1d:bc:
e7:72:97:7c:81:a2:db:1b:50:00:9b:2f:21:d6:3a:
be:71:46:ca:cb:84:2d:f6:b8:dd:fb:de:70:38:3b:
38:7b:31:43:ab:8f:ad:ad:9c:14:56:6f:26:57:a5:
8d:a5:f7:17:98:a6:59:d6:75:95:40:00:38:ff:de:
8a:0f:b2:93:1f:b2:da:f4:39:b4:c9:ef:16:86:8a:
68:cb:09:a4:b5:89:c2:d4:92:5d:6e:fb:23:8a:76:
5d:16:a2:2f:04:2e:6b:f1:ec:2a:90:34:5e:cd:13:
7a:70:82:93:73:4f:12:94:fc:00:2b:7d:d7:65:c8:
09:ec:f8:c3:11:44:3c:35:5b:6b:3a:6f:4a:50:65:
f3:36:20:0a:f6:ea:2d:3b:eb:2b:ef:f0:00:d3:0a:
d0:0a:03:97:c1:eb:cf:56:ff:aa:9d:54:81:3d:03:
0a:c7:0e:53:59:d9:c3:31:32:7d:69:ff:d2:4a:ae:
43:a6:0c:db:29:29:a0:82:d6:be:bc:e8:27:0c:70:
5b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6D:50:87:E4:33:58:F9:D4:B2:31:04:B0:AE:47:6F:27:70:F5:D0
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/326131333a646130333a3a2f33322d3332203d3e20323135343632.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:da03::/32
Signature Algorithm: sha256WithRSAEncryption
5a:c6:da:87:99:58:10:87:bb:0a:6c:7c:a9:d2:7d:f6:07:3c:
ae:cd:f6:a6:f5:27:b7:52:1e:e3:c0:25:c6:23:66:7a:91:87:
15:92:76:ef:34:eb:5e:de:05:12:bf:2e:12:9e:a9:78:24:90:
f8:b6:66:51:20:da:da:ac:b9:37:a5:2b:3b:39:ae:5f:88:3f:
15:22:48:ed:0f:93:9e:25:14:76:87:e8:22:65:5f:41:33:20:
bc:0d:d4:fc:32:a2:34:75:99:f1:17:cd:72:b0:ff:99:71:cc:
f1:6e:4d:74:31:6f:05:c1:b0:32:d6:9c:e7:3c:8c:b3:40:b6:
41:7d:24:56:92:f3:8c:ab:b3:ee:0d:b3:fc:41:3c:a9:ff:82:
76:ed:6b:19:80:9e:35:d2:6b:b0:44:9a:fd:4d:4c:25:58:bb:
76:e6:4e:be:12:9c:61:46:78:7b:29:8e:8e:d6:db:e0:fa:51:
73:1a:53:6a:18:52:0e:21:41:02:a4:0a:1a:98:26:00:45:dc:
48:7a:70:89:9f:f8:f8:2e:d9:94:69:7c:c2:0e:1c:0f:c8:8d:
0a:94:23:c1:c6:35:06:92:21:37:5f:67:32:76:2c:c9:d6:cd:
aa:0b:14:64:37:5f:c8:3d:90:2e:3c:8b:98:2c:31:31:1e:b8:
b8:ee:9b:9b
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUGuNvLudiMIbV0YXqUR1R9hweifowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNjAyMDkxODUwMzhaFw0yNzAyMDgxODU1MzhaMDMxMTAvBgNV
BAMTKDg4NkQ1MDg3RTQzMzU4RjlENEIyMzEwNEIwQUU0NzZGMjc3MEY1RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKcFvpJKAeUe78XJjwCpBWaPnd
McnlttMP0XhXVSgOl6KK74WKoSnrJAcfu1gJualo34ZTYb7wUyYdvOdyl3yBotsb
UACbLyHWOr5xRsrLhC32uN373nA4Ozh7MUOrj62tnBRWbyZXpY2l9xeYplnWdZVA
ADj/3ooPspMfstr0ObTJ7xaGimjLCaS1icLUkl1u+yOKdl0Woi8ELmvx7CqQNF7N
E3pwgpNzTxKU/AArfddlyAns+MMRRDw1W2s6b0pQZfM2IAr26i076yvv8ADTCtAK
A5fB689W/6qdVIE9AwrHDlNZ2cMxMn1p/9JKrkOmDNspKaCC1r686CcMcFvlAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUiG1Qh+QzWPnUsjEEsK5Hbydw9dAwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzI2MTMxMzMzYTY0NjEzMDMz
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzQzNjMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhPaAzANBgkqhkiG9w0BAQsFAAOCAQEAWsbah5lYEIe7Cmx8qdJ99gc8rs32pvUn
t1Ie48AlxiNmepGHFZJ27zTrXt4FEr8uEp6peCSQ+LZmUSDa2qy5N6UrOzmuX4g/
FSJI7Q+TniUUdofoImVfQTMgvA3U/DKiNHWZ8RfNcrD/mXHM8W5NdDFvBcGwMtac
5zyMs0C2QX0kVpLzjKuz7g2z/EE8qf+Cdu1rGYCeNdJrsESa/U1MJVi7duZOvhKc
YUZ4eymOjtbb4PpRcxpTahhSDiFBAqQKGpgmAEXcSHpwiZ/4+C7ZlGl8wg4cD8iN
CpQjwcY1BpIhN19nMnYsydbNqgsUZDdfyD2QLjyLmCwxMR64uO6bmw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:50:20 2026 by rpki-client